<?php
include dirname(dirname(__FILE__)).'/admin-verify.php';
require dirname(__FILE__).'/functions.php';
include_once dirname(dirname(dirname(__FILE__))).'/include/host-base.php';

$username = addslashes($_POST['username']);
$password = md5(addslashes($_POST['password']));
$student_id = addslashes($_POST['student_id']);
$sex = addslashes($_POST['sex']);
$grade = addslashes($_POST['grade']);
$department = addslashes($_POST['department']);
$user_role = addslashes($_POST['user_role']);
$phone = addslashes($_POST['phone']);
$user_real_name = addslashes($_POST['user_real_name']);
$is_user_on_duty = 0;
if(isset($_POST['is_user_on_duty'])&&$_POST['is_user_on_duty']==1)$is_user_on_duty = addslashes($_POST['is_user_on_duty']);

if($username==null||$password==null||$user_role==null) {
	alertInfo("请先完成必填项！",getHost().'/admin/user-manage/index.php');
	exit();
}

if($user_role=='admin'&&$_SESSION['user_role']!='super_admin') {
	alertInfo("你没有该操作权限！",getHost().'/admin/user-manage/index.php');
	exit();
}
if(isUsernameExist($username)) {
	alertInfo("该用户名已存在",getHost().'/admin/user-manage/index.php');
	exit();
}


$params = array('username' => '"'.$username.'"',
				'password' => '"'.$password.'"',
				'student_id' => '"'.$student_id.'"',
				'sex' => '"'.$sex.'"',
				'grade' => '"'.$grade.'"',
				'phone' => '"'.$phone.'"',
				'department' => '"'.$department.'"',
				'user_role' => '"'.$user_role.'"',
				'user_real_name' => '"'.$user_real_name.'"',
				'is_user_on_duty' => $is_user_on_duty);

if(addUser($params)) {
	alertInfo("添加用户成功！",getHost().'/admin/user-manage/index.php');
	exit();
} else {
	alertInfo("添加用户失败！",getHost().'/admin/user-manage/index.php');
	exit();
}